Hybrid key exchange in TLS 1.3 or SSH

2019-09-17 tls web

Hybrid key exchange in TLS 1.3 or SSH


Motivation of hybrid key exchange

  1. tranditional algorithms: have risks in face of quantum computers and cryptanalytic advances
  2. next-generation algorithms: have less confidence in security (due to less studies)

Prototyping post-quantum and hybrid key exchange and authentication in TLS and SSH

hybrid key exchange and hybrid signatures

1.Key Exchange is listed above. 2.Authentication:

extension signature_algorithms_cert and signatur_algorithms

both algorithms should sign the same message.

Sign1(msg) ||Sign2(msg)